incubator-projects mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noel J. Bergman" <n...@devtech.com>
Subject RE: high level design from wiki
Date Fri, 18 Jul 2008 12:27:31 GMT
Angela Cymbalak wrote:

> * Should the user management default be Apache Directory or a
>   simple database?

User management is ambiguous.  Are we talking about authentication?
Authorization?  And we should probably not be dependent on a particular
repository type.

> * How will access control be implemented?

TBD, and it may exist at different control points, e.g., at the business
logic level (container or component managed) and data store level
(JCR/JackRabbit).

> * Will the Web service just provide data for machine to machine
>   exchanges or will it default to human readable?

I doubt that the "Web service" would be in any way human readable, by
default or otherwise.

> * Should the project impose a backend data storage mechanism and
>   schema, or just WS/REST interfaces suitable for pluggable frontends?

This comes down to a coupling issue. We need a schema to implement.  We can
publish that, and other JCR using tools could leverage, but they would be
tightly coupled to our schema.  Access via WS and/or REST interfaces can be
more loosely coupled, allowing for schema/interface evolution.

> * Should we use JCR or a (relational) Database?

See prior response, but I believe that we're nominally agreed to hang our
implementation on JCR and see how that goes.

> The photos and meta data will be exposed via a Web service.  During
> discussions on the lists regarding how the code should be written,
> the one thing that no one seemed to be able to agree on was how the
> photos should be displayed.

We should not need to do so, if you're talking about a Web service.  The Web
service client would be responsible for presentation.  What we need to
determine is the Web service interface by which the client would interact
with repository content.

>  Question: Will the Web service just provide data for machine to machine
exchanges

Yes.

> We plan on looking at the Tuscany SCA implementation to facilitate the WS.

Then we'll be talking about SCA for the interface and SDO for the data
types.

> The storage for all data will use Apache Jackrabbit

> The actual node and property structure has yet to be determined.
> Questions: Should the project impose a backend data storage
> mechanism and schema, or just WS/REST interfaces suitable for
> pluggable frontends?

I believe that I've replied to this above.  We need and can document the
repository schema, but users would be more tightly coupled, and risking a
more fragile connection, compared to accessing the content via interfaces.

> Access control should provide the option to mark photos as public
> (anyone), protected (invite only), or private (just the owner).
> Options for managing the invites for each user are LDAP or a simple
> database. Permission checking can be implemented in the backend
> as a Jackrabbit access manager or in an application layer. Candidate
> technologies are JAAS and JSecurity, which both allow for pluggable
> authentication.

As noted above, access control (authorization) can be handled at multiple
points.  The surface area related to authorization should be strictly
limited, and not pervasive.

	--- Noel



---------------------------------------------------------------------
To unsubscribe, e-mail: projects-unsubscribe@incubator.apache.org
For additional commands, e-mail: projects-help@incubator.apache.org


Mime
View raw message